CVE-2006-2906

EPSS 15.3%

libgd2 - insufficient input sanitising

發布日:2006/6/8修改日:2026/4/28

描述

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.

受影響套件(2)

Debian/libgd2from 0, < 2.0.33-5
Debian/libgd2from 0, < 2.0.33-1.1sarge1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-2906